A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, Checkmarx researchers have discovered.
In addition to this, attackers would have also been able to eavesdrop on and record phone conversations, silence the camera shutter, transfer captured photos, video and data to their C&C server, and pull GPS location based on photo’s metadata.
Android camera spy: The discovery
Checkmarx researchers delved into the Google Camera app on Google Pixel 2 XL and Pixel 3 devices and discovered several permission bypass issues collectively labeled as CVE-2019-2234.
These issues could be exploited through an app that has on ..
Support the originator by clicking the read the rest link below.
